Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Northern Irish police use water cannon on second night of protests
-
Raphinha eager to deliver for Ancelotti as Brazil get set for World Cup bid
-
Trump brushes off latest US inflation jump
-
FIFA boss Infantino defends World Cup ticket prices, brushes off visa row
-
Lutkenhaus confirms emergence at Oslo Diamond League, Tebogo beats Gout Gout
-
French pop icon Bruel charged with rape, sexual assault
-
Sesame Street and 'USA' chants: coach Pochettino rallies World Cup fans
-
Stocks slide on US inflation surge, tech weakness
-
Pope blesses new tower at Barcelona's Sagrada Familia
-
Cape Town becomes first African World Marathon Major
-
Pentagon chief visits Guantanamo, warns Cuba against threatening US
-
Climate change-fuelled storm decimated world's rarest great ape: study
-
FIFA boss Infantino says case of Somali referee 'unfortunate'
-
England World Cup warm-up friendly delayed by storm
-
Toronto's Bosnians relish improbable World Cup showdown
-
Senesi signs up for Spurs rebuild under De Zerbi
-
Trump vows 'hard' new Iran strikes for 'playing us for suckers'
-
Haiti forced to change World Cup kit over war imagery
-
Frasers makes 2-bn-euro offer for Hugo Boss
-
Ancelotti marks birthday as Spike Lee visits Brazil World Cup training
-
Haiti hoping to do their country proud and upset odds at World Cup
-
Trump vows attacks on Iran for 'playing' US over peace deal
-
NASA head defends Artemis 3 crew of all men
-
SpaceX's historic IPO by the numbers
-
Trump vows fresh Iran strikes after 'playing us for suckers'
-
Norm-breaking SpaceX IPO a source of elation, angst on Wall Street
-
Bill Gates tells Epstein hearing he 'never victimized anyone'
-
Odds rising for very strong El Nino: EU monitor
-
Olympic chief confident for LA Games despite World Cup 'challenges'
-
Breakaway king Simmons escapes with win at Tour Auvergne-Rhone-Alpes
-
Belfast girds for more violence after stabbing suspect held
-
Juve, Torino fans given 10-match away ban after derby trouble: media
-
Stocks slide as US inflation surges, US and Iran trade strikes
-
Surging US consumer inflation hits three-year high in key challenge for Trump
-
Vaughan backs Stokes to stay on as England captain
-
Bill Gates arrives for questioning in US Congress over Epstein ties
-
Amnesty accuses Israel of 'ethnic cleansing' of West Bank Bedouins
-
German consortium hopes to build new fighter jet after FCAS collapse
-
O'Callaghan and Short clock history-making times at Australian trials
-
Trump says Iran 'taken too long to negotiate,' will have to 'pay the price'
-
Pakistan launches deadly strikes on Afghanistan
-
Israel's Netanyahu to seek re-election despite Trump doubts, war strains
-
Stocks drop ahead of key US inflation data
-
6-7, Bad Bunny, AI: Pope targets the young
-
FIFA boss Infantino faces questions on eve of World Cup
-
Iran attacks US bases in Jordan and Bahrain
-
Tech leads Asia losses as rollercoaster week rumbles on
-
Belfast stabbing suspect due in court after night of violence
-
Saudi's new national carrier gets off ground despite war, delays
-
Eddie Jones eyes Mourinho-like laundry stunt to escape ban
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
Q.Bulbul--SF-PST
